After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 654263 - evince crashed with SIGSEGV in g_markup_escape_text()
evince crashed with SIGSEGV in g_markup_escape_text()
Status: RESOLVED FIXED
Product: evince
Classification: Core
Component: general
3.1.x
Other Linux
: Normal critical
: ---
Assigned To: Evince Maintainers
Evince Maintainers
Depends on:
Blocks:
 
 
Reported: 2011-07-08 16:12 UTC by Pedro Villavicencio
Modified: 2011-10-16 09:25 UTC
See Also:
GNOME target: ---
GNOME version: 3.1/3.2



Description Pedro Villavicencio 2011-07-08 16:12:38 UTC
this report has been filed here:

https://bugs.launchpad.net/ubuntu/+source/evince/+bug/677971

"evince crashes when opening the attached PS"

https://bugs.launchpad.net/ubuntu/+source/evince/+bug/677971/+attachment/1739662/+files/sample.ps.gz

backtrace:

"Hilo 5 (Thread 0xafe87b70 (LWP 27453)):
  • #0 __kernel_vsyscall
  • #1 pthread_cond_wait
    at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 169
  • #2 ev_job_thread_proxy
    at /build/buildd/evince-3.1.2/./libview/ev-job-scheduler.c line 213
  • #3 g_thread_create_proxy
    at /build/buildd/glib2.0-2.29.10/./glib/gthread.c line 1954
  • #4 start_thread
    at pthread_create.c line 304
  • #5 clone
    at ../sysdeps/unix/sysv/linux/i386/clone.S line 130
  • #0 __kernel_vsyscall
  • #1 __poll
    at ../sysdeps/unix/sysv/linux/poll.c line 87
  • #2 g_poll
    at /build/buildd/glib2.0-2.29.10/./glib/gpoll.c line 132
  • #3 g_main_context_poll
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3474
  • #4 g_main_context_iterate
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3156
  • #5 g_main_loop_run
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3369
  • #6 ??
    from /usr/lib/gio/modules/libdconfsettings.so
  • #7 g_thread_create_proxy
    at /build/buildd/glib2.0-2.29.10/./glib/gthread.c line 1954
  • #8 start_thread
    at pthread_create.c line 304
  • #9 clone
    at ../sysdeps/unix/sysv/linux/i386/clone.S line 130
  • #0 __kernel_vsyscall
  • #1 pthread_cond_timedwait
    at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_timedwait.S line 236
  • #2 g_cond_timed_wait_posix_impl
    at /build/buildd/glib2.0-2.29.10/./gthread/gthread-posix.c line 242
  • #3 g_async_queue_pop_intern_unlocked
    at /build/buildd/glib2.0-2.29.10/./glib/gasyncqueue.c line 415
  • #4 g_thread_pool_wait_for_new_task
    at /build/buildd/glib2.0-2.29.10/./glib/gthreadpool.c line 274
  • #5 g_thread_pool_thread_proxy
    at /build/buildd/glib2.0-2.29.10/./glib/gthreadpool.c line 308
  • #6 g_thread_create_proxy
    at /build/buildd/glib2.0-2.29.10/./glib/gthread.c line 1954
  • #7 start_thread
    at pthread_create.c line 304
  • #8 clone
    at ../sysdeps/unix/sysv/linux/i386/clone.S line 130
  • #0 __kernel_vsyscall
  • #1 __poll
    at ../sysdeps/unix/sysv/linux/poll.c line 87
  • #2 g_poll
    at /build/buildd/glib2.0-2.29.10/./glib/gpoll.c line 132
  • #3 g_main_context_poll
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3474
  • #4 g_main_context_iterate
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3156
  • #5 g_main_loop_run
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3369
  • #6 gdbus_shared_thread_func
    at /build/buildd/glib2.0-2.29.10/./gio/gdbusprivate.c line 276
  • #7 g_thread_create_proxy
    at /build/buildd/glib2.0-2.29.10/./glib/gthread.c line 1954
  • #8 start_thread
    at pthread_create.c line 304
  • #9 clone
    at ../sysdeps/unix/sysv/linux/i386/clone.S line 130
  • #0 append_escaped_text
    at /build/buildd/glib2.0-2.29.10/./glib/gmarkup.c line 2107
  • #1 g_markup_escape_text
    at /build/buildd/glib2.0-2.29.10/./glib/gmarkup.c line 2183
  • #2 g_markup_vprintf_escaped
    at /build/buildd/glib2.0-2.29.10/./glib/gmarkup.c line 2433
  • #3 g_markup_printf_escaped
    at /build/buildd/glib2.0-2.29.10/./glib/gmarkup.c line 2490
  • #4 ev_sidebar_thumbnails_fill_model
    at /build/buildd/evince-3.1.2/./shell/ev-sidebar-thumbnails.c line 544
  • #5 ev_sidebar_thumbnails_document_changed_cb
    at /build/buildd/evince-3.1.2/./shell/ev-sidebar-thumbnails.c line 838
  • #6 g_cclosure_marshal_VOID__PARAM
    at /build/buildd/glib2.0-2.29.10/./gobject/gmarshal.c line 539
  • #7 g_closure_invoke
    at /build/buildd/glib2.0-2.29.10/./gobject/gclosure.c line 773
  • #8 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.29.10/./gobject/gsignal.c line 3256
  • #9 g_signal_emit_valist
    at /build/buildd/glib2.0-2.29.10/./gobject/gsignal.c line 2987
  • #10 g_signal_emit
    at /build/buildd/glib2.0-2.29.10/./gobject/gsignal.c line 3044
  • #11 g_object_dispatch_properties_changed
    at /build/buildd/glib2.0-2.29.10/./gobject/gobject.c line 925
  • #12 g_object_notify_dispatcher
    at /build/buildd/glib2.0-2.29.10/./gobject/gobject.c line 331
  • #13 g_object_notify_queue_thaw
    at /build/buildd/glib2.0-2.29.10/./gobject/gobjectnotifyqueue.c line 132
  • #14 g_object_notify_by_spec_internal
    at /build/buildd/glib2.0-2.29.10/./gobject/gobject.c line 983
  • #15 g_object_notify
    at /build/buildd/glib2.0-2.29.10/./gobject/gobject.c line 1024
  • #16 ev_document_model_set_document
    at /build/buildd/evince-3.1.2/./libview/ev-document-model.c line 306
  • #17 ev_window_load_job_cb
    at /build/buildd/evince-3.1.2/./shell/ev-window.c line 1589
  • #18 g_cclosure_marshal_VOID__VOID
    at /build/buildd/glib2.0-2.29.10/./gobject/gmarshal.c line 85
  • #19 g_closure_invoke
    at /build/buildd/glib2.0-2.29.10/./gobject/gclosure.c line 773
  • #20 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.29.10/./gobject/gsignal.c line 3256
  • #21 g_signal_emit_valist
    at /build/buildd/glib2.0-2.29.10/./gobject/gsignal.c line 2987
  • #22 g_signal_emit
    at /build/buildd/glib2.0-2.29.10/./gobject/gsignal.c line 3044
  • #23 emit_finished
    at /build/buildd/evince-3.1.2/./libview/ev-jobs.c line 178
  • #24 emit_finished
    at /build/buildd/evince-3.1.2/./libview/ev-jobs.c line 168
  • #25 g_idle_dispatch
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 4867
  • #26 g_main_dispatch
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 2500
  • #27 g_main_context_dispatch
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3083
  • #28 g_main_context_iterate
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3161
  • #29 g_main_loop_run
    at /build/buildd/glib2.0-2.29.10/./glib/gmain.c line 3369
  • #30 gtk_main
    from /usr/lib/libgtk-3.so.0
  • #31 main
    at /build/buildd/evince-3.1.2/./shell/main.c line 322

Comment 1 Fabio Durán Verdugo 2011-07-08 17:22:19 UTC
Yep, I can confirm this Bug, Here other stacktrace.

Program received signal SIGSEGV, Segmentation fault.
0x42f8c236 in append_escaped_text (length=<optimized out>, text=0x8447c70 "Example\363\061\063X", str=0x84c26d0) at gmarkup.c:2137
2137	            g_string_append_printf (str, "&#x%x;", c);

  • #0 append_escaped_text
    at gmarkup.c line 2137
  • #1 g_markup_escape_text
    at gmarkup.c line 2182
  • #2 g_markup_vprintf_escaped
    at gmarkup.c line 2432
  • #3 g_markup_printf_escaped
    at gmarkup.c line 2489
  • #4 ev_sidebar_thumbnails_fill_model
    at ev-sidebar-thumbnails.c line 544
  • #5 ev_sidebar_thumbnails_document_changed_cb
    at ev-sidebar-thumbnails.c line 838
  • #6 g_cclosure_marshal_VOID__PARAM
    at gmarshal.c line 533
  • #7 g_closure_invoke
    at gclosure.c line 767
  • #8 signal_emit_unlocked_R
    at gsignal.c line 3252
  • #9 g_signal_emit_valist
    at gsignal.c line 2983
  • #10 g_signal_emit
    at gsignal.c line 3040
  • #11 g_object_dispatch_properties_changed
    at gobject.c line 925
  • #12 g_object_notify_dispatcher
    at gobject.c line 330
  • #13 g_object_notify_queue_thaw
    at gobjectnotifyqueue.c line 132
  • #14 g_object_notify_by_spec_internal
    at gobject.c line 983
  • #15 g_object_notify
    at gobject.c line 1024
  • #16 ev_document_model_set_document
    at ev-document-model.c line 306
  • #17 ev_window_load_job_cb
    at ev-window.c line 1587
  • #18 g_cclosure_marshal_VOID__VOID
    at gmarshal.c line 79
  • #19 g_closure_invoke
    at gclosure.c line 767
  • #20 signal_emit_unlocked_R
    at gsignal.c line 3252
  • #21 g_signal_emit_valist
    at gsignal.c line 2983
  • #22 g_signal_emit
    at gsignal.c line 3040
  • #23 emit_finished
    at ev-jobs.c line 178
  • #24 emit_finished
    at ev-jobs.c line 168
  • #25 g_idle_dispatch
    at gmain.c line 4558
  • #26 g_main_dispatch
    at gmain.c line 2441
  • #27 g_main_context_dispatch
    at gmain.c line 3014
  • #28 g_main_context_iterate
    at gmain.c line 3092
  • #29 g_main_loop_run
    at gmain.c line 3300
  • #30 gtk_main
    at gtkmain.c line 1358
  • #31 main
    at main.c line 322

Comment 2 Carlos Garcia Campos 2011-10-16 09:25:46 UTC
Fixed the crash in git master. Thanks for reporting.